检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]盐城工学院信息工程学院,盐城224051 [2]华中科技大学计算机学院,武汉430074 [3]湖北移动网管中心,武汉430023
出 处:《武汉理工大学学报》2010年第20期99-102,107,共5页Journal of Wuhan University of Technology
摘 要:早期的安全系统,存在易被盗用的风险;对用户操作的审核,是一种滞后被迫分析。针对早期安全系统中的不足,文中提出一种基于短信互动的实时安全审计模型。在该模型中,用户登录时系统自动产生动态密码,通过短信的方式发送给用户;通过对动态密码设置时间有效期(如60 s)确保用户认证的有效性;通过短信白名单和黑名单的访问控制列表方式实现对用户帐号的有效性管理;用户通过发送短信可实时禁用或启用帐号;通过对帐号状态的实时监控从而实现对用户行为的实时审计。Among previous security systems,there was a common problem: the user-id was easy to be stolen and used by others.And audit was forced to execute if the user was found to be abnormal.Due to these defects,a novel real time audit model is proposed based on interactive short message.In the model,dynamic password is automatically generated when a user applies to log on,which is sent to the user via a short message.The effective period of the dynamic password,such as sixty seconds,is set to ensure the user's authentication.The user-id is managed by white short message list or black short message list,which is a special access control list.A user can activate or prohibit his user-id by sending short message with different content.And the real audit towards a user's operation can be realized by control the status of a user's user-id.
分 类 号:TN919.3[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.30
